fixes a few comments

supertokens · Jul 16, 2024 · 6d33e18 · 6d33e18
1 parent a8ae033
commit 6d33e18
Show file tree

Hide file tree

Showing 5 changed files with 24 additions and 4 deletions.
diff --git a/lib/ts/recipe/emailpassword/types.ts b/lib/ts/recipe/emailpassword/types.ts
@@ -359,7 +359,6 @@ export type APIInterface = {
     passwordResetPOST:
         | undefined
         | ((input: {
-              googleRecaptchaToken?: string;
               formFields: {
                   id: string;
                   value: string;

diff --git a/lib/ts/recipe/passwordless/types.ts b/lib/ts/recipe/passwordless/types.ts
@@ -122,6 +122,7 @@ export type RecipeInterface = {
             tenantId: string;
             userContext: UserContext;
             securityOptions?: {
+                enforceUserBan?: boolean; // in case this is a sign in and not a sign up
                 enforceEmailBan?: boolean;
                 enforcePhoneNumberBan?: boolean;
                 ipBan?: {
@@ -144,6 +145,11 @@ export type RecipeInterface = {
         | {
               status: "EMAIL_BANNED_ERROR" | "PHONE_NUMBER_BANNED" | "IP_BANNED_ERROR";
           }
+        | {
+              status: "USER_BANNED_ERROR";
+              user: User;
+              recipeUserId: RecipeUserId;
+          }
     >;
 
     createNewCodeForDevice: (input: {
@@ -402,13 +408,15 @@ export type APIInterface = {
         | GeneralErrorResponse
     >;
 
+    // we intentionally do not add googleRecaptcha in here cause
+    // it's the same device that generates the code during createCode, and if
+    // that's not a bot, nor is this.
     resendCodePOST?: (
         input: { deviceId: string; preAuthSessionId: string } & {
             tenantId: string;
             session: SessionContainerInterface | undefined;
             options: APIOptions;
             userContext: UserContext;
-            googleRecaptchaToken?: string;
         }
     ) => Promise<GeneralErrorResponse | { status: "RESTART_FLOW_ERROR" | "OK" }>;
 

diff --git a/lib/ts/recipe/thirdparty/types.ts b/lib/ts/recipe/thirdparty/types.ts
@@ -280,11 +280,11 @@ export type APIInterface = {
               | GeneralErrorResponse
           >);
 
+    // no google recaptcha here cause we reply on the provider to detect bots
     signInUpPOST:
         | undefined
         | ((
               input: {
-                  googleRecaptchaToken?: string;
                   provider: TypeProvider;
                   tenantId: string;
                   session: SessionContainerInterface | undefined;

diff --git a/lib/ts/recipe/totp/types.ts b/lib/ts/recipe/totp/types.ts
@@ -192,7 +192,6 @@ export type APIInterface = {
     createDevicePOST:
         | undefined
         | ((input: {
-              googleRecaptchaToken?: string;
               deviceName?: string;
               options: APIOptions;
               session: SessionContainerInterface;

diff --git a/lib/ts/types.ts b/lib/ts/types.ts
@@ -107,6 +107,20 @@ export type RiskScores = {
 export type SecurityFunctions = {
     getInfoFromRequest: (input: { request: BaseRequest; userContext: UserContext }) => InfoFromRequest;
 
+    // this function will return hasProvidedV2SecretKey || hasProvidedV1SecretKey by default.
+    shouldPerformGoogleRecaptcha: (input: {
+        hasProvidedV2SecretKey: boolean;
+        hasProvidedV1SecretKey: boolean;
+        api:
+            | "password-reset-code-generation"
+            | "emailpassword-signin"
+            | "emailpassword-signup"
+            | "passwordless-create-code"
+            | "totp-verify-device"
+            | "totp-verify-totp";
+        userContext: UserContext;
+    }) => Promise<boolean>;
+
     performGoogleRecaptchaV2: (input: {
         infoFromRequest: InfoFromRequest;
         clientResponseToken: string;